Thursday, February 9, 2012

The trust in CAs

I wanted to bring a story to the attention of everyone.  We have had enough of a scare concerning SSL certs and compromised CAs; but what are we supposed to think about CAs when they do things like the following?

Trustwave Admits It Issued A Certificate To Allow Company To Run Man-In-The-Middle Attacks

Tuesday, November 8, 2011

To all our readers (please read)

To all our readers:

    It has been a pleasure to bring you some of the top stories and hacks over the last year.  But, all good things must come to an end.

    The SecuritySnitch team has decided to re-brand and change the focus of what we do.  We will no longer be providing nightly news articles for the masses.  We have decided to start a research group and give back to the community.

    The logo for SecuritySnitch will continue to be used as it has grown on us over the last year.  However, the name will be changed and hopefully the next articles our group shares will be about us and the work we are doing.
    Our last batch of articles will go out on Friday, November 11th 2011.  We hope that you will follow us as we move onto our new goals and endeavors. Please watch securitysnitch.blogspot.com for updates concerning our new research group.

    If you are going to miss us, or if you appreciated any of the work that we did, feel free to leave us a shout-out on Twitter, Facebook, commenting on this blog, or send an email to securitysnitch.news@gmail.com.

    We are excited to devote full attention to our research now and we hope to share our findings with you soon.

--
The SecuritySnitch Team

Monday, May 30, 2011

Hackers aren’t safe from Hackers

All of us are well aware of the attacks that have taken place on Sony, TJ Maxx, HBGary and others. However, let me first start off by sharing a few articles that have shown up in the last two months regarding attacks that have taken place on those that are trying to “protect us” (sorry, I have a hard time believing that is what they are doing).


TrustWave WebDefend Static Database Password

http://packetstormsecurity.org/files/view/101744/twwebdefend-passwd.txt


Hackers broke into Lockheed Martin networks & U.S. defense contractors ! : The Hacker News ~ http://www.thehackernews.com/2011/05/hackers-broke-into-lockheed-martin.html


The Oak Ridge National Laboratory Hacked ! : The Hacker News ~ http://www.thehackernews.com/2011/04/oak-ridge-national-laboratory-hacked.html


Pakistan Air Force Server Hacked by Code Breaker/Lucky (Indishell) : The Hacker News ~ http://www.thehackernews.com/2011/04/pakistan-air-force-server-hacked-by.html


Cambridge Networks hacked by Shak [PCA] : The Hacker News ~ http://www.thehackernews.com/2011/04/cambridge-networks-hacked-by-shak-pca.html


Cyber Detective & Cyber Force Hacked By Shadow008 (PakCyberArmy) : The Hacker News ~ http://www.thehackernews.com/2011/05/cyber-detective-cyber-force-hacked-by.html


The above were hacked/defaced over the last two months. What is the first thought that goes through your head when you read headlines like this?

The first thought/question from most people would probably be something along the lines of: “What are they doing? If they can’t protect themselves, how are they going to help us?”

Good questions. But that’s not what I want to point out. What I want to point out is that even the most “secure” of us are vulnerable to attacks.


When we think security we probably think NSA, FBI, blah blah blah… right? What about the attackers? Aren’t they secure?

The really good attackers/hackers will not engage others before they themselves have established a good defense. However, even with all of the time and preparation taken to set up a good defense, there is almost always a hole, a crack or a weak spot that another attacker/hacker will find and exploit.

Following are a few examples:


http://www.thehackernews.com/2011/05/pakistan-cyber-army-got-hacked-by.html

http://www.thehackernews.com/2011/04/innobuzz-ethical-hacking-training.html

http://www.thehackernews.com/2011/05/anonymous-irc-networks-ircanonopsnet.html

http://www.thehackernews.com/2011/05/ethical-hacking-services-appin-security.html

http://www.thehackernews.com/2011/05/skidhackercom-underground-hackingnet.html

http://www.thehackernews.com/2011/05/hackers-got-hacked-hackingtipsin-hacked.html

http://packetstormsecurity.org/news/view/19168/Net-Pirate-Monitoring-Firm-Hacked.html

http://www.thehackernews.com/2011/05/hackmeoutnet-hacked-by-shadow008.html

http://www.thehackernews.com/2011/05/underground-security-forums.html


I understand that some of the links above are not “hacking groups” but they teach “hacking” and therefore fall under the same category for this example.

My point to all of this is that it’s not just small businesses or even large businesses being targeted; everyone is a target.

Hacker groups have always had turf wars, but we are only now seeing how widespread it is because the hacks are being reported in the media.

Nobody is safe from hackers, not even the hackers themselves. The sooner we learn this lesson the sooner we can pull our heads out of our butts and implement security measures that actually work. However, we cannot simply implement something and think it's going to be ok on its own. Once we implement something we need to make sure we are being diligent in tweaking and verifying that the implemented security measure is actually working.

Wednesday, March 16, 2011

York Uni exposes students' private info

(http://www.theregister.co.uk/2011/03/16/york_uni_student_data_breach/)

This was a particularly interesting article to read but I wanted to add a little note.

In the article they quoted Aziz Maakaroun from outpost24 as saying:

"To stop this from happening, it is vital that organisations take a more proactive approach to their security by continually scanning for web vulnerabilities which hackers find relatively easy to exploit.”

I agree with Aziz, but the question most people are really going to ask is "what benefit do I really get for being proactive?"

What we need to remember is that attackers are finding issues with both newly released software and hardware as well as with older systems (legacy systems) that many people are still using.

Some of the vulnerabilities attackers are finding are easy. However, a lot of attackers will put hours of work into their exploits.

So why do we need to be proactive? Attackers are working as hard or harder than we are. We must assume there are weaknesses in our code and find ways to identify and remove them.

However, sometimes vulnerabilities exist within modules we are using and not necessarily in the code we wrote. We must always be aware of reported issues with third-party modules being used. The simple solution is to make sure updates are applied as soon as a vulnerability is identified and fixed.

So, recap:

Proactive - Yes
Diligent in our research - Yes
Going above and beyond our normal duties - YES!

Monday, March 14, 2011

Additional links

Sorry this blog hasn't turned out to be very useful yet but I am still trying to get things set up. I wanted to post a few more links for anyone wanting to follow along.

Myspace: http://www.myspace.com/562531339
Facebook: http://www.facebook.com/pages/SecuritySnitch/158507154208289
Twitter: http://twitter.com/SecuritySnitch

Also, I have added my RSS feed to the right content area for easy access.

Thursday, March 10, 2011

SecuritySnitch News

If you are into tech security subscribe to my RSS or Buzz feed @:

http://www.google.com/reader/shared/securitysnitch.news

https://profiles.google.com/securitysnitch.news#securitysnitch.news/buzz